Department of Defense CMMC Cybersecurity Compliance is No Longer Optional – Is Your Business Ready?

Did you know? All businesses contracting with the Department of Defense (DoD), including primes, subcontractors, and suppliers, are now required to meet new Cybersecurity Maturity Model Certification (CMMC) Level 1 cybersecurity requirements* included in DoD contracts.

If your business does not meet those requirements, it will not be eligible to bid for DoD contracts with the Army, Navy, Air Force, Defense Logistics Agency, and Missile Defense Agency, to name a few.

Businesses will complete the CMMC Level 1 through a self-assessment. This successful self-assessment is what will allow firms to continue selling in the defense marketplace. Additional benefits include ensuring good cyber hygiene and more security from general cyberattacks.

No time to figure out the CMMC requirements on your own?

The Washington APEX Accelerator Team at Economic Alliance Snohomish County (EASC) is here to help!

“Our goal is to assist businesses in understanding the requirements and give them great tools to meet them,” says Cara Buckingham, APEX Accelerator Center Manager and Advisor. “Totem Tech and Govology have developed a great curriculum, and the Totem Tech Management Tool provides the structure to both visualize and create a process for compliance.”

Simplifying the Process

APEX is teaming up with Totem Technologies and Govology to offer CMMC Level 1 Readiness Workshops to help simplify the compliance process. 

The series, developed by Totem Technologies cybersecurity experts and led by Certified Facilitators Cara Buckingham and Mark Johnson, will coach businesses through CMMC Level 1 compliance by breaking down the requirements, guiding businesses step-by-step, and providing tools and resources to streamline the process.

Each week, participants will be introduced to a new set of topics: 

• Week 1 provides an overview of requirements and scoping needed to perform a self-assessment
• Week 2 covers building a System Security Plan (SSP)
• Week 3 offers instruction on reporting assessment results

“I found the information to be explained very well,” says Heather Radar with Evergreen Concrete Cutting, Inc. “And I appreciate the additional templates available for download extremely useful.”

Upcoming Cohort Workshops

Businesses can expect it to take approximately 6 months to build and implement Level 1 plans and complete/load the self-assessment.

The next Cohort Workshop is scheduled for August 1-22 and will include: 

• One live virtual kick-off meeting on August 1st 
• Access to on-demand presentations, learning resources, and ready-made self-assessment tools to streamline your assessment process
• Three (3) live virtual 1-hour Q&A sessions on August 8th, 15th & 22nd

Registration is now open, but limited to 20 people. Click here to reserve your spot! If you are unable to attend in August, additional CMMC Level 1 Readiness Cohorts will be offered in September and October, as well as in January, February, and March of 2026.

Washington APEX Accelerator is committed to increasing the number of Washington-based businesses winning government contracts. Contact us today to learn more about our one-to-one advising, training, and events.

*There are two exceptions to the CMMC requirements: 1) If your business sells Commercial Off the Shelf Items (COTS); 2) Your contract value is under the DoD Micro Purchase Threshold ($10,000 or less).

This APEX Accelerator is funded in part through a cooperative agreement with the Department of Defense.